fix account deletion

2023-12-10 19:38:00 -05:00 · 2023-12-10 19:38:00 -05:00 · c8bafefc55
commit c8bafefc55
parent 18eb234774
4 changed files with 19 additions and 8 deletions
--- a/takahe/utils.py
+++ b/takahe/utils.py
@ -142,6 +142,18 @@ class Takahe:
            username__iexact=username, domain__domain__iexact=domain
        ).first()

+    @staticmethod
+    def delete_identity(identity_pk: int):
+        identity = Identity.objects.filter(pk=identity_pk).first()
+        if not identity:
+            logger.warning(f"Cannot find identity {identity_pk}")
+            return
+        logger.warning(f"Deleting identity {identity}")
+        identity.state = "deleted"
+        identity.deleted = timezone.now()
+        identity.state_next_attempt = timezone.now()
+        identity.save()
+
    @staticmethod
    def create_internal_message(message: dict):
        InboxMessage.create_internal(message)
--- a/takahe/views.py
+++ b/takahe/views.py
@ -61,5 +61,4 @@ def auth_login(request):

 def auth_logout(request: HttpRequest):
    response = redirect("/account/logout")
-    response.delete_cookie(settings.TAKAHE_SESSION_COOKIE_NAME)
    return response
--- a/users/account.py
+++ b/users/account.py
@ -234,10 +234,7 @@ def login_existing_user(request, existing_user):
 def logout(request):
    if request.method == "GET":
        # revoke_token(request.user.mastodon_site, request.user.mastodon_token)
-        auth_logout(request)
-        response = redirect(reverse("users:login"))
-        response.delete_cookie(settings.TAKAHE_SESSION_COOKIE_NAME)
-        return response
+        return auth_logout(request)
    else:
        raise BadRequest()

@ -509,6 +506,9 @@ def auth_login(request, user):
 def auth_logout(request):
    """Decorates django ``logout()``. Release token in session."""
    auth.logout(request)
+    response = redirect("/")
+    response.delete_cookie(settings.TAKAHE_SESSION_COOKIE_NAME)
+    return response


 def clear_data_task(user_id):
@ -516,6 +516,7 @@ def clear_data_task(user_id):
    user_str = str(user)
    if user.identity:
        remove_data_by_user(user.identity)
+    Takahe.delete_identity(user.identity.pk)
    user.clear()
    logger.warning(f"User {user_str} data cleared.")

@ -528,8 +529,7 @@ def clear_data(request):
        v = request.POST.get("verification")
        if v and (v == request.user.mastodon_acct or v == request.user.email):
            django_rq.get_queue("mastodon").enqueue(clear_data_task, request.user.id)
-            auth_logout(request)
-            return redirect(reverse("users:login"))
+            return auth_logout(request)
        else:
            messages.add_message(request, messages.ERROR, _("验证信息不符。"))
    return redirect(reverse("users:data"))
--- a/users/templates/users/account.html
+++ b/users/templates/users/account.html
@ -193,7 +193,7 @@
                  onsubmit="return confirm('账号数据一旦删除后将无法恢复。确认删除吗？');">
              {% csrf_token %}
              <div>
-                输入完整的 <code>用户名@实例名</code> 或 <code>电子邮件地址</code> 以确认删除
+                输入完整的登录用 <code>用户名@实例名</code> 或 <code>电子邮件地址</code> 以确认删除
                <input type="email"
                       name="verification"
                       _="on input remove [@disabled] from #delete end"